Fortinet Updates
1895Warning Date
Severity Level
Warning Number
Target Sector
13 July, 2021
● High
2021-3172
All
Description:
Fortinet has released security updates to address several vulnerabilities in the following products:
- FortiMail version 6.4.3 and below.
- FortiMail 6.4.3 and below
- FortiClient for MacOS versions 6.4.3 and below.
- FortiSandbox 3.2.1 and below. FortiSandbox 3.1.4 and below
- FortiMail version 6.4.4 and below
- FortiMail version 6.4.4 and below
- FAP-S 6.2.4 through 6.2.5
- FAP-W2 6.2.4 through 6.2.5
- FortiAnalyzer versions 6.4.5 and below
- FortiManager versions 6.4.5 and below
- FAP 6.4.1 through 6.4.5
- Any FSSO DC Agent and Collector released with FOS 6.4.5 or below
- FortiMail version 6.2.6 and below.
- FortiAnalyzer versions 6.2.7 and below
- FortiManager versions 6.2.7 and below
- FortiMail version 5.4.12 and below.
- FortiAnalyzer versions 6.0.x
- FortiManager versions 6.0.x
- FortiMail version 6.0.10 an below.
- Any FSSO DC Agent and Collector released with FOS 7.0.0 or below
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Command injection
- Escalation of privilege
- Buffer overflow
Best practice and Recommendations:
The CERT team encourages users to review Fortinet security advisory and apply the necessary updates:
- https://www.fortiguard.com/psirt/FG-IR-20-185
- https://www.fortiguard.com/psirt/FG-IR-21-005
- https://www.fortiguard.com/psirt/FG-IR-20-194
- https://www.fortiguard.com/psirt/FG-IR-21-003
- https://www.fortiguard.com/psirt/FG-IR-21-027
- https://www.fortiguard.com/psirt/FG-IR-21-012
- https://www.fortiguard.com/psirt/FG-IR-21-021
- https://www.fortiguard.com/psirt/FG-IR-21-023
- https://www.fortiguard.com/psirt/FG-IR-21-042
- https://www.fortiguard.com/psirt/FG-IR-21-031
- https://www.fortiguard.com/psirt/FG-IR-20-244
- https://www.fortiguard.com/psirt/FG-IR-21-019
- https://www.fortiguard.com/psirt/FG-IR-21-014
- https://www.fortiguard.com/psirt/FG-IR-21-022
- https://www.fortiguard.com/psirt/FG-IR-20-210
- https://www.fortiguard.com/psirt/FG-IR-20-191